Re: [spamdyke-users] Blocking variations on a "From: " field
On 9/28/2020 7:51 AM, Philip Rhoades via spamdyke-users wrote:
>> You need to block by header contents as it offers more wildcards:
>> https://www.spamdyke.org/documentation/README.html#HEADERS
>>
>> From:*
>
> Hmm . . I thought I had tried that - oh well, I will give it a shot!

I use this technique successfully but found that a space was required, thus:

From: *

https://spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] TLS and LibreSSL
Thank you, Sam. I went with the traditional OpenSSL just to be sure.

On 6/4/2018 8:06 PM, Sam Clippinger via spamdyke-users wrote:
> I have no idea -- I've never used LibreSSL. As long as they've only updated the internal library code and not changed the API, it'll probably work fine.
>
> -- Sam Clippinger
>
> On May 26, 2018, at 2:42 PM, BC via spamdyke-users <spamdyke-users@spamdyke.org> wrote:
>> Will spamdyke compile with TLS using the LibreSSL libraries?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] MAILER-DAEMON Flood
Well, I have spamdyke-qrv installed and turned on in spamdyke.conf, but am still getting stuff like this (maillog):

Nov 8 21:48:51 33a45916-5b78-11e6-a0e5-0cc47a6975be spamdyke[17138]: ALLOWED from: filenkokir...@shopon.net to: sergushk...@bk.ru origin_ip: 10.0.1.15 origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: 250_ok_1478666931_qp_17140

so someone is trying to use my system as a relay, right? with the resulting MAILER-DAEMON bounce. The 10.0.1.15 is the IP of the jail that qmail runs in.

Any other thoughts?

On 11/7/2016 9:13 AM, Gary Gendel via spamdyke-users wrote:
> This doesn't look like it's email originating from your system. Instead, it looks like spamdyke has accepted the message and then qmail is doing the rejection. My guess is that it passes through spamdyke with an invalid destination user. Qmail then tries to reject it. You can avoid this by adding invalid user checks in spamdyke so it doesn't reach qmail by setting "recipient-validation-command=" (I use spamdyke-qrv) and "reject-recipient=invalid".
>
> Gary
Re: [spamdyke-users] MAILER-DAEMON Flood
Thank you very much. I'll look into that.

On 11/7/2016 9:13 AM, Gary Gendel via spamdyke-users wrote:
> This doesn't look like it's email originating from your system. Instead, it looks like spamdyke has accepted the message and then qmail is doing the rejection. My guess is that it passes through spamdyke with an invalid destination user. Qmail then tries to reject it. You can avoid this by adding invalid user checks in spamdyke so it doesn't reach qmail by setting "recipient-validation-command=" (I use spamdyke-qrv) and "reject-recipient=invalid".
[spamdyke-users] MAILER-DAEMON Flood
It hasn't risen to the level of DDOS, yet, but I'm getting many hundreds of these messages per night (and it is now continuing during the day). They look like this:

Hi. This is the qmail-send program at purgatoire.org.
I tried to deliver a bounce message to this address, but the bounce bounced!:
212.4.107.202 does not like recipient.
Remote host said: 550 5.1.1 : Recipient address rejected: telcom.es
Giving up on 212.4.107.202.
--- Below this line is the original bounce.
...

each one with totally unrelated email and IP addresses and with variable sizes and all in MIME format.

I use FreeBSD here. Running qmail in a jail. I do use ssmtp running on the host (not jailed) in order to get the periodic daily/weekly/monthly reports.

Is someone somehow using my system to try to send spam? Any idea how to block this?
Re: [spamdyke-users] Localhost relaying denied
On 10/3/2016 6:58 AM, Faris Raouf via spamdyke-users wrote:
> dns-blacklist-entry=b.barracudacentral.org

Comment out the above and try it again.
[spamdyke-users] Spamdyke Port Maintainer for FreeBSD Ports
While installing spamdyke on my latest FreeBSD build machine, I saw this notice:

Message from spamdyke-5.0.1_1:
===> NOTICE:
The spamdyke port currently does not have a maintainer. As a result, it is more likely to have unresolved issues, not be up-to-date, or even be removed in the future. To volunteer to maintain this port, please create an issue at:
https://bugs.freebsd.org/bugzilla
More information about port maintainership is available at:
https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port

I claim nothing more than rank amateurish abilities in running a mail server for my personal, in-home use and know nothing about how to maintain a FreeBSD port. I'm willing to learn how, but I'm a VERY slow learner with an obstinate bone in my head.

Anyone among you who uses FreeBSD and spamdyke several levels above me who might be willing to assume the maintainership role?
[spamdyke-users] Real Time Blacklists
I'm building out a new server box and figured it is time to revisit my configuration files, including spamdyke.conf.

In 2014 I included some dns-blacklist-entry="entries...". But in 2015/2016 my configuration didn't include any.

What say the congregants about the efficacy of RBL usage with spamdyke currently? Do you have favorite entries for the dns-blacklist-entry= parameters?
Re: [spamdyke-users] spam with rDNS resolving to "localhost"
I've got 127.0.0.1 in my "blacklist_ip" file and the system seems to be working fine.

On 8/9/2016 4:02 AM, Faris Raouf via spamdyke-users wrote:
> Dear all,
>
> We’re having problems with spam being allowed in from IPs with rDNS resolving to “localhost”. This gets past the reject-empty-rdns filter.
>
> Initially I thought these IPs had no rDNS – using dnsstuff, I get no result (normally meaning no rDNS). But using host or dig I see the IPs really do reverse resolve to localhost.
>
> ** Example log entry:
>
> spamdyke[24468]: ALLOWED from: sqozt...@vnnic.net.vn to: redac...@redacted.tld origin_ip: 113.168.188.219 origin_rdns: localhost auth: (unknown) encryption: (none) reason: 250_ok_1470423419_qp_24501
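Added example, not part of any message in this archive: a Python check over spamdyke result lines in the format quoted in the posts above, flagging the two situations raised in the "rDNS resolving to localhost" and "MAILER-DAEMON Flood" threads. The function name, the finding labels, the local-domain set and the internal network list are assumptions for illustration, as is treating "auth: (unknown)" as an unauthenticated session.

```python
import ipaddress
import re

# Fields of the spamdyke result lines quoted in the messages on this page.
LINE_RE = re.compile(
    r"spamdyke\[(?P<pid>\d+)\]: (?P<result>[A-Z_]+) from: (?P<sender>\S+) "
    r"to: (?P<rcpt>\S+) origin_ip: (?P<ip>\S+) origin_rdns: (?P<rdns>.+?) "
    r"auth: (?P<auth>.+?) encryption: (?P<enc>.+?) reason: (?P<reason>\S+)"
)

def audit(lines, local_domains, internal_nets=()):
    """Return (pid, finding) pairs for ALLOWED deliveries worth a second look."""
    nets = [ipaddress.ip_network(n) for n in internal_nets]
    findings = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m or m["result"] != "ALLOWED":
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # unparsable address field: skip rather than guess
        pid = int(m["pid"])
        # rDNS says "localhost" but the peer is not loopback: the name is
        # non-empty, so an empty-rDNS filter does not catch it.
        if m["rdns"].rstrip(".").lower() == "localhost" and not ip.is_loopback:
            findings.append((pid, "rdns-localhost"))
        # Recipient domain is not ours and nobody authenticated (assumption:
        # "(unknown)" means no SMTP AUTH): relaying, or an outbound bounce.
        domain = m["rcpt"].rpartition("@")[2].lower()
        if domain not in local_domains and m["auth"] == "(unknown)":
            inside = any(ip in n for n in nets)
            findings.append((pid, "internal-relay" if inside else "remote-relay"))
    return findings

PREFIX = "Jan  1 00:00:00 mx spamdyke"
TAIL = "auth: (unknown) encryption: (none) reason: 250_ok_1_qp_2"
# Constructed sample lines: example domains; documentation, private and
# loopback addresses only.
SAMPLE = [
    f"{PREFIX}[101]: ALLOWED from: a@example.net to: u@example.org "
    f"origin_ip: 203.0.113.7 origin_rdns: localhost {TAIL}",
    f"{PREFIX}[102]: ALLOWED from: b@example.net to: c@example.com "
    f"origin_ip: 10.0.1.15 origin_rdns: (unknown) {TAIL}",
    f"{PREFIX}[103]: ALLOWED from: d@example.net to: u@example.org "
    f"origin_ip: 127.0.0.1 origin_rdns: localhost {TAIL}",
]

if __name__ == "__main__":
    for pid, finding in audit(SAMPLE, {"example.org"}, ["10.0.0.0/8"]):
        print(pid, finding)
```

An "internal-relay" finding means the message entered from a host on your own network, such as a jail address, so the fix belongs on that host rather than in a blacklist.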
Re: [spamdyke-users] softlimit error
Ah, the ulimit limits. I'd forgotten about those and was focusing on the "softlimit" word in the error.

Thanks, Sam.

On 5/5/2016 6:35 AM, Sam Clippinger via spamdyke-users wrote:
> You're correct that those messages are related to limits, but not the ones softlimit can set. Those messages are about "hard" limits, which are set using the "ulimit" command. I'd guess either BSD has a default hard limit or something on your system is setting them before spamdyke runs. Those limits are extremely high, so there's very little chance they're going to cause any problems, but spamdyke will keep complaining about them as long as log-level is "verbose" or higher.
Re: [spamdyke-users] IPv6 Question
That is what I figured. Thanks, Sam.

On 5/5/2016 6:30 AM, Sam Clippinger via spamdyke-users wrote:
> Right now, spamdyke has no support for IPv6 at all, so it can't understand that nameserver line. However, the only consequence should be that error message -- it shouldn't have any trouble skipping that line and using the IPv4 nameserver.
[spamdyke-users] softlimit error
Now that I've set log-level=excessive, I can see these two errors that spamdyke is spitting out a lot:

May 4 13:54:52 Xeon_Right spamdyke[18726]: ERROR(undo_softlimit()@spamdyke.c:3226): data segment hard limit is less than infinity, could lead to unexplainable crashes: 34359738368
May 4 13:54:52 Xeon_Right spamdyke[18726]: ERROR(undo_softlimit()@spamdyke.c:3244): stack size hard limit is less than infinity, could lead to unexplainable crashes: 536870912

Seems to be a harmless error report. Per Sam's suggestion quite some time ago, I quit using the 'softlimit' option in the tcpserver startup "run" files.

Available memory >5GiB free all the time. Very fast CPU. The email part of the server is very lightly used as the box is primarily an NAS and for me to play and experiment with intellectually. Had no crashes that I know of - been up for 41+ days since my last intentional reboot.

Thoughts?
[spamdyke-users] IPv6 Question
Using FreeBSD here. In addition to my normal IPv4 connection, I have an IPv6 tunnel set up via Hurricane Electric. Also use unbound as my local DNS cache resolver for resolving both IPv4 & IPv6 addresses and it has been doing both for over a year now.

spamdyke doesn't seem to like the IPv6 resolver. /var/log/maillog showing LOTS of lines like this (log-level=info):

May 4 13:08:56 Xeon_Right spamdyke[18382]: ERROR(load_resolver_file()@search_fs.c:753): invalid/unparsable nameserver found: fd00::1

My /etc/resolv.conf file contains these two lines:

nameserver 10.0.0.1
nameserver fd00::1

I didn't think that spamdyke is IPv6 aware? Shouldn't it ignore the second nameserver line above?

In hopes of getting some more info about this, I've set log-level=excessive.

Thoughts?
Re: [spamdyke-users] Softlimit messages
Wow. So for example, the starting line for my smtpd-run file looks like this:

exec /usr/local/bin/softlimit -m 2 /usr/local/bin/tcpserver -4v -R -l $LOCAL \

and I can simply change it to this:

exec /usr/local/bin/tcpserver -4v -R -l $LOCAL \

with impunity?

On 6/20/2015 5:12 PM, Sam Clippinger via spamdyke-users wrote:
> IMHO, everyone should delete the softlimit program from their servers immediately. Not that I have a strong opinion on the matter or anything. :)
Re: [spamdyke-users] New version: spamdyke 5.0.1
Thank you, Sam. For so much work on this update, a measly 0.0.1 version bump belittles it.

On 5/1/2015 11:36 AM, Sam Clippinger via spamdyke-users wrote:
> spamdyke lives! spamdyke version 5.0.1 is now available: http://www.spamdyke.org/
>
> This version fixes a ton of bugs, including a number of access violations that can lead to crashes. Most importantly, the recipient validation feature now works correctly (and has been exhaustively tested).
>
> Version 5.0.1 is backwards-compatible with version 5.0.0; simply replacing the old binary with the new one should be safe.
>
> -- Sam Clippinger